Spring Security Articles
Articles on Spring Security authentication, authorization, HTTP security, JWT, and method-level security.
-
How to Configure Spring Boot as an OAuth2 Resource Server - Implementing JWT Validation and Scope-Based Authorization
A guide to validating JWTs issued by external IdPs such as Keycloak, Cognito, and Auth0 using Spring Security's resource server features, and implementing scope- and claim-based authorization.
-
How to Use GraphQL with Spring Boot - Spring for GraphQL Basics and When to Use It vs REST API
Using Spring for GraphQL in Spring Boot 3.x, this guide covers schema definition, Query and Mutation Resolver implementation, handling N+1 problems with DataLoader, and integration with Spring Security. Includes a comparison with REST API to clarify when to choose GraphQL.
-
Spring Security Method Security - How to Implement RBAC with @PreAuthorize
Learn how to implement method-level Role-Based Access Control (RBAC) using @PreAuthorize/@PostAuthorize/@Secured in Spring Boot with practical code examples. Master fine-grained authorization control that cannot be achieved with SecurityFilterChain alone.
-
How to Implement Real-Time Communication with WebSocket in Spring Boot - Basics of STOMP and SockJS
Step-by-step guide to building a broadcast-style chat feature from scratch using Spring Boot + STOMP + SockJS. Covers @MessageMapping, SimpMessagingTemplate, and integration with Spring Security in a practical way.
-
Server-Side Rendering with Thymeleaf in Spring Boot: Implementation Guide
A hands-on tutorial covering how to integrate Thymeleaf into Spring Boot, including embedding model attributes in HTML, form processing, displaying Bean Validation errors, and Spring Security integration—all in one comprehensive guide.
-
How to Implement Google Login (OAuth2) with Spring Boot
A step-by-step guide to implementing Google social login from scratch using Spring Security OAuth2 Client. Covers everything from how the OAuth2 authorization code flow works to application.yml configuration and UserInfo retrieval, while building an app that runs in a local environment.
-
Spring Boot JWT Authentication with Spring Security (Tutorial)
Build JWT authentication for a Spring Boot REST API from scratch. Covers token generation, validation, JwtAuthenticationFilter, and SecurityFilterChain configuration with complete code examples.
-
Spring Security Authentication Tutorial: Basic Auth and Form Login
Step-by-step Spring Security authentication tutorial for Spring Boot. Covers Basic Auth, form login, UserDetailsService configuration, and common security pitfalls with working code.